Windows File Protection Wfp Patcher Switcher Video
Home 2007 February List of Some Useful System Utilities! To patch the UXTheme.dll file run the program. Windows File Protection Switcher. Tango and gnome 7zip patcher. List of Some Useful System Utilities! UXTheme Multi-Patcher. 2.) Windows File Protection Switcher. List of Some Useful System Utilities!
I hv seen many times and hv been asked by many members about: How to disable Windows File Protection service? How to use 3rd party Visual Styles? How to delete the files which are in use by windows? And many other questions! So I decided to start this thread to share some useful system utilities, that can be useful in such cases! I'm sure that many members would know about many of these utilities but many new members and others may find this useful!
1.) UXTheme Patcher It patches the UXTheme.dll for Windows XP and 2003 and allows you to use un-signed custom visual styles. To patch the UXTheme.dll file run the program, it will determine your operating system, then patch the appropriate file and reboot your PC.
To un-patch the UXTheme.dll file, run the program again, and it will un-patch the.dll and then reboot your PC. 2.) Windows File Protection Switcher Windows File Protection Switcher lets you disable and re-enable Windows File Protection (WFP) permanently. 3.) Replacer Replacer is an easy to use system file replacer for Windows 2000 and XP. It safely replaces protected or in-use system files. 4.) Unlocker Many times we face following ERROR messages while deleting or moving a system file in windows: = Cannot delete file: Access is denied = There has been a sharing violation.
= The source or destination file may be in use. = The file is in use by another program or user. = Make sure the disk is not full or write-protected and that the file is not currently in use. Unlocker is the solution of this problem! U can easily move/delete system files w/o ne problem even while windows is running using unlocker. 5.) Log off / Shutdown Text Remover In Windows VISTA, the text on Log off & Shutdown buttons has been removed, so if you also want to remove the same text in xp, then this software is for you.
It has following features: = Simple and easy = Works on all XP/2003 = Support non-English OS (every language) = Related strings in String Table 439 won't be modified. PS: It is known to be buggy with non-english XP versions. 6.) Glass2k Glass2k is a small little program that allows Windows 2000/XP users to make any window transparent.
Right-click on any window or press the keyboard shortcuts (Control + Shift + 0-9) to make any window transparent. 7.) Vista Start ORB (Make XP Start Button look-a-like VISTA) The whole Vista Start ORB that never hides behind the taskbar, and you can use it on any skin. Set it in 'Always on top' first. 8.) Styler This application allows you to do a lot of interesting customizations, though it is not easy to use at first. It can add a drop shadow to your windows, change Clear Type contrast, change a visual style's color or a wallpaper's and much more. But its most useful function is located in the 'Styler Toolbar' which can entirely change the look and feel of the Windows XP's toolbar.
Wfp Patcher Download
So, you can change your toolbar to make it look like Windows Vista's. Styler doesn't use much memory (less than 1MB when it's used in the background), but to use all its function, especially for the drop shadow, you'll need a powerful computer.
Normal process usually entails hex editing sfcos.dll. I am testing SP3 RC1 and I could not find anyone who had hacked it yet. Searching the net I found a guy who figured out a way to make XP think it was in safe mode thus SFC/WMP is disabled.
The cool thing about this hack is no matter what previous or future version you are running WFP can be disabled in the same manner. Using the hex editor method the values constantly change. Solidthinking serial mac. He also found out a way to enable the security tab when your machine is not a member of a domain. FYI just in case: rshx32.dll = Security tab sfcos.dll = WFP Credit goes to Neowinian on neowin.net forums for the solution: Here's how to make the Windows XP file system think it's in safe mode.
Wfp Patcher
This will disable Windows File Protection, and also add the Security tab when you right-click on a file in Explorer and select Properties. Step 0: XP ships with a simple hex editor called DEBUG.EXE that is required for this procedure. If you deleted it, put it back in the windows system32 directory - you can remove it afterwards if you wish. Step 1: Click StartRun, type in SERVICES.MSC and press the key.
Find the entry labeled Cryptographic Services and double-click it. Change the startup type to Disabled and click Apply, then click the Stop button, and then click OK. (Note: if you already had Cryptographic Services disabled, omit this step as well as step 8.) Step 2: Open a CMD.EXE Command Prompt window and type the following commands: cd windows system32 ren rshx32.dll rshx32.old ren sfcos.dll sfcos.old You will probably receive warning messages from Windows File Protection after each REN command. Make sure to select the options to ignore the warning and allow the files to be renamed.
Step 3: Type the following commands: cd del rshx32.dll /s del sfcos.dll /s cd windows system32 copy rshx32.old rshx32.dll copy sfcos.old sfcos.dll IMPORTANT!!! You MUST rename the files in Step 2 before you can copy them in Step 3, or this procedure will not work! Step 4: Type the following command: DEBUG rshx32.dll You'll now have a minus-sign as a prompt. Type the following command: S 100 8000 74 00 5C 00 4F DEBUG will return a line of the form: 0ADE:0AC0 The four-character letter-number combination after the colon is what you must enter in the command below. Now type the following three commands: E 0AC0 74 00 00 00 4F (use the value returned to you above and not 0AC0!!!) W Q Step 5: Type the following command: DEBUG sfcos.dll You'll now have a minus-sign as a prompt.
Type the following command: S 100 8000 74 00 5C 00 4F DEBUG will return a line of the form: 0ADE:0AC0 The four-character letter-number combination after the colon is what you must enter in the command below. Now type the following three commands: E 0AC0 74 00 00 00 4F (use the value returned to you above and not 0AC0!!!) W Q Step 6: Type the following commands: copy rshx32.dll dllcache copy sfcos.dll dllcache Step 7: Close the Command Prompt window, open Regedit, and go to the following key: HKEYLOCALMACHINE SYSTEM CurrentControlSet Control SafeBoot Create a new DWORD value called OptionValue and give it a value of 1.
Close Regedit. Step 8: Run the SERVICES.MSC program, select Cryptographic Services, change the startup type to Manual, and click Apply. Do not start the service! (Note: omit this step if Cryptographic Services was disabled before you began this procedure.) Step 9: Reboot your system. You will now have the security tab at all times, and Windows File Protection will be disabled. If you would like to remove the tab and re-enable Windows File Protection, use Regedit to change OptionValue to 0, and then reboot your system.
The method used to patch RSHX32.DLL and SFCOS.DLL should work on any version of the file, including future versions issued in upcoming service packs or hotfixes. Please note that if you apply these patches, they will take precedence over safe mode. This means that you must first set OptionValue to 1 in the registry before you boot into safe mode in order to see the security tab and to have Windows File Protection disabled.
Edited January 12, 2008 by snooz. This is the Internet's word of mouth. A very dangerous thing. Is the original (?) article about getting the Security tab appear in XP home. Notice it suggests naming it OptionValuf to differ from the original.
Rshx32.dll is patched. But what about the others? Are you ready to patch your whole OS? Not to mention that I still fail to comprehend how this dll relates to SFC. But maybe that's just me. Or THAT is the method that the author has discovered.
But I wouldn't risk to patch it on a live system (while I don't have that problem with sfcos.dll). I haven't tried this tweak and don't recommend it to anyone. All I know is, last time I created an OptionValue in the registry (I like to tinker with Regmon a lot, and I saw many applications were trying to read it) I lost my soundcard and other drivers. I believe this is the value that gets set when you choose which flavor of Safe Mode you want - with networking, etc.
And by the way, many drivers don't start in safe mode. Do you really want to be constantly in safe mode? To back up my claims, here's a list of files in system32 folder that query the OptionValue entry: advapi32.dll credui.dll cscdll.dll dhcpmon.dll filemgmt.dll kernel32.dll localsec.dll lsasrv.dll msgina.dll msv10.dll netcfgx.dll netid.dll ntdll.dll ntkrnlpa.exe ntoskrnl.exe ntshrui.dll pautoenr.dll rshx32.dll samsrv.dll services.exe sfcos.dll smlogcfg.dll smss.exe syssetup.dll winlogon.exe Found through searching unicode strings. There may be others, this is a heavily nLited system. It seems this is an (undocumented by Microsoft?) way of determining if we're in safe mode or not. Since I was the 'Neowinian' who originally posted the above patches, I'm wondering why the OP didn't put a link to my post (don't care about credit per se, but this seems like 'ripping').
Anyway, to GrofLuigi.note that this patch moves 'OptionValue' in the two DLLs to HKEYLOCALMACHINE SYSTEM CurrentControlSet Control SafeBoot from HKEYLOCALMACHINE SYSTEM CurrentControlSet Control SafeBoot Option and effectively gives the user control over operation of the Security tab and WFP. By setting OptionValue to 1, you see the Security tab and WFP is disabled. By setting it to 0, WFP is enabled and the Security tab disappears. The possible downside is that the patched OptionValue now takes precedence over Safe Mode for these two functions - which for my purposes is no downside whatsoever, but it might be a problem for others. I also documented this possible downside in the patch posted above. All other DLLs will respect the OptionValue that XP puts in HKEYLOCALMACHINE SYSTEM CurrentControlSet Control SafeBoot Option when it loads in Safe Mode. Edited January 14, 2008 by mhc.
Where do I begin. Oh yeah, I know. Have you ever looked at the hex code in RSHX32.DLL or SFCOS.DLL?
I have, and what I did above is a FAR better way to hack these programs than, for example, finding the mysterious '-63' check in SFCOS.DLL. Are you aware that SFCOS.DLL does a simple check for safe mode just like it does a simple check for -63? And that RSHX32.DLL checks for safe mode for the sole reason to determine whether to display the Security tab in XP Home?
And that for these reasons, the above patches affect no other operation in XP? Geez, these patches aren't like eliminating core XP components that can break the most popular programs sold in the marketplace.it's just altering simple checks in two DLLs! I would be reacting differently if you actually TRIED the hacks and found problems with them. Right now you're shooting from the hip with statements that IMO have no basis in reality.
Oh, FWIW, what I did above is hex editing. And what you call hex editing is also fooling the operating system as much as what I did above. The difference is that the above way is a better solution, period, than attempting to hack actual code since it is version-independent. And since the registry value set by NTOSKRNL.EXE to signify safe mode is checked by so many DLLs when they are loaded, that value will not change at this point in XP, so hacking that location in SFC-OS.DLL and RSHX32.DLL will remain valid for the remainder of XP's life.
Edited January 15, 2008 by mhc. Sfcos.dll: Change the xor eax,eax inc eax to nop nop nop at offset EC95, EC96, EC97: 33C041 to 909090 Fyyre, I don't know where you got that but it's not good. 'xor eax, eax' and 'inc eax' should be 33C040 not 33C041 And at offset EC95 there is no 'xor eax, eax' but 'xor ecx, ecx' which is 33C9 - To permanently disable Windows File Protection - Windows XP Pro SP3 (5.1.2600.3264) Without using the registry. At offset EC84, replace by 3BC0EB3290 cmp eax, FFFFFF9D jne 76C6F891 by cmp eax, eax jmp 76C6F8BA Edited January 21, 2008 by jdoe.